cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
221
Views
0
Helpful
1
Replies
Highlighted
Beginner

Cisco ISR 4351 tls problem

Good day!

Replacing the old cisco 2901 with the new isr 4351. After the replacement, there was a problem. Traffic to the test host goes well over http and partially over https. Some users can get access over https and some can't. When checking with curl it freezes in the phase

```
* TCP_NODELAY set
* Connected to ######test_servise####### (#####white ip######) port 443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
```

ios-xe 16.06.4

Added ip adjust-mss 1452 to the Internet interface and everything worked!

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Beginner

Added ip adjust-mss 1452 to the Internet interface and everything worked!

View solution in original post

1 REPLY 1
Highlighted
Beginner

Added ip adjust-mss 1452 to the Internet interface and everything worked!

View solution in original post